Compare commits
126 Commits
Author | SHA1 | Date |
---|---|---|
Cole Robinson | a2a0690100 | |
Cole Robinson | 6097c1e928 | |
Cole Robinson | 485f0df965 | |
Cole Robinson | 9b9d774b4c | |
Cole Robinson | 993dac8a6a | |
Daniel J Walsh | 8148e20353 | |
Daniel P. Berrangé | 01be77e650 | |
Daniel P. Berrangé | 7a2cfc0dc9 | |
Cole Robinson | 29db26f008 | |
Cole Robinson | bc9be573e5 | |
Cole Robinson | d1ec89a9b6 | |
Cole Robinson | 73b18a62cc | |
Cole Robinson | 86885a407c | |
Richard W.M. Jones | ccf23d4e53 | |
Richard W.M. Jones | 7f59bf8f07 | |
Richard W.M. Jones | a9028c06ad | |
Richard W.M. Jones | de31087629 | |
Neal Gompa | 9cb11a192e | |
Cole Robinson | eef9c627be | |
Cole Robinson | 28427057d8 | |
Cole Robinson | 13f29f2869 | |
Eduardo Lima (Etrunko) | d73434f02c | |
Paolo Bonzini | 06a96ef6dd | |
Fedora Release Engineering | f38131b637 | |
Cole Robinson | ffa629f31c | |
Richard W.M. Jones | 6dc1a3e091 | |
Eduardo Lima (Etrunko) | a640e151b2 | |
Eduardo Lima (Etrunko) | 2d6f694dd7 | |
Eduardo Lima (Etrunko) | 842e805475 | |
Daniel P. Berrangé | f54452a157 | |
Richard W.M. Jones | f9f5de9994 | |
Richard W.M. Jones | 69b8f67c7d | |
Richard W.M. Jones | eedf91107a | |
Richard W.M. Jones | 1609e9b0cd | |
Adam Williamson | b34716a4e7 | |
Cole Robinson | 59b417a5f3 | |
Cole Robinson | 9182556bd5 | |
Cole Robinson | 7be05bc02d | |
Cole Robinson | 1d93f5191e | |
Richard W.M. Jones | 65ccb9e09a | |
Richard W.M. Jones | c5273992ba | |
Richard W.M. Jones | c1a37784f9 | |
Richard W.M. Jones | 9eb1916f15 | |
Richard W.M. Jones | 1ba242c778 | |
Richard W.M. Jones | 96944e0b05 | |
Eduardo Lima (Etrunko) | 050829c2b7 | |
Eduardo Lima (Etrunko) | 79f4b0ef32 | |
Eduardo Lima (Etrunko) | a06059bd4d | |
Eduardo Lima (Etrunko) | 7403595754 | |
Eduardo Lima (Etrunko) | bf8d867e21 | |
Eduardo Lima (Etrunko) | 51980a6acd | |
Eduardo Lima (Etrunko) | b048de05e7 | |
Cole Robinson | 6bb4bb52c7 | |
Cole Robinson | f744b8b952 | |
Cole Robinson | f806e664d9 | |
Cole Robinson | 38b1a6c732 | |
Cole Robinson | b7cbd7e5e1 | |
Cole Robinson | e3c05f4d3e | |
Cole Robinson | 1ac11e4877 | |
Cole Robinson | 2dc6f7395e | |
Cole Robinson | 0edf0fe9c8 | |
Richard W.M. Jones | e5d06dbc16 | |
Richard W.M. Jones | 2825584364 | |
Fedora Release Engineering | 6af1856936 | |
Cole Robinson | d6b4a46932 | |
Cole Robinson | ba7d6c0e41 | |
Cole Robinson | 7ae7935089 | |
Cole Robinson | e1bf97d468 | |
Cole Robinson | 51821d35c5 | |
Cole Robinson | 180e0d8daf | |
Cole Robinson | e0cb84627a | |
Cole Robinson | f1ea3b69f7 | |
Cole Robinson | d13afbee6a | |
Cole Robinson | b013f94648 | |
Cole Robinson | d5c2bbe293 | |
Cole Robinson | 05fedb21f6 | |
Cole Robinson | 0ae9d20128 | |
Cole Robinson | 183fcd911e | |
Cole Robinson | e6c8eaee02 | |
Cole Robinson | d4c8ff71ce | |
Cole Robinson | f4c1719ae1 | |
Cole Robinson | 73149263f3 | |
Cole Robinson | b2595a5449 | |
Cole Robinson | d636452cba | |
Cole Robinson | 4a2d9a4c52 | |
Cole Robinson | f54ac0f7d7 | |
Cole Robinson | 833342c627 | |
Cole Robinson | ad860648fa | |
Cole Robinson | 91b70a682d | |
Cole Robinson | 4abd8de197 | |
Cole Robinson | 566be371a3 | |
Cole Robinson | 7a925b3802 | |
Cole Robinson | 443b083edd | |
Cole Robinson | ec76e0bb54 | |
Cole Robinson | ec4dab0a93 | |
Cole Robinson | 7e8e4ff4c0 | |
Cole Robinson | 6c55704061 | |
Cole Robinson | 09badc27ce | |
Richard W.M. Jones | 1081205b84 | |
Cole Robinson | 658feedf3f | |
Cole Robinson | 5c8060d1bd | |
Cole Robinson | 9348aa0ea4 | |
Cole Robinson | 1ba19df591 | |
Paolo Bonzini | d9c8b54b44 | |
Paolo Bonzini | 169bee2e2a | |
Paolo Bonzini | 610d93e5b9 | |
Cole Robinson | 66fde773e9 | |
serge-sans-paille | 7e7be1c025 | |
Cole Robinson | 47a69fd3ce | |
Richard W.M. Jones | c0b65475ef | |
Richard W.M. Jones | ac27562f19 | |
Cole Robinson | dcfe42be8d | |
Cole Robinson | ba23d039c8 | |
Cole Robinson | c7533d29df | |
Zbigniew Jędrzejewski-Szmek | 0ff75312ab | |
Cole Robinson | 8b5ba7c256 | |
Fedora Release Engineering | c996909a49 | |
Paolo Bonzini | d1c4548bc8 | |
Paolo Bonzini | 74370c64ef | |
Tom Stellard | 130b985a3c | |
Daniel P. Berrangé | fac3f007a0 | |
Richard W.M. Jones | 1abc8e9bf0 | |
Richard W.M. Jones | a3063707fe | |
Mohan Boddu | 18c8d565ff | |
Cole Robinson | 5a84bef82e | |
Richard W.M. Jones | d283ab8f84 |
|
@ -0,0 +1 @@
|
||||||
|
1
|
|
@ -0,0 +1,38 @@
|
||||||
|
From 46697cb96e1cc6c3f1edbe572cee1ce9ac97cc58 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Richard Henderson <richard.henderson@linaro.org>
|
||||||
|
Date: Mon, 14 Mar 2022 17:25:06 -0700
|
||||||
|
Subject: [PATCH] accel/tcg: Fix cpu_ldq_be_mmu typo
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
In the conversion to cpu_ld_*_mmu, the retaddr parameter
|
||||||
|
was corrupted in the one case of cpu_ldq_be_mmu.
|
||||||
|
|
||||||
|
Fixes: f83bcecb1 ("accel/tcg: Add cpu_{ld,st}*_mmu interfaces")
|
||||||
|
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/902
|
||||||
|
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
|
||||||
|
Message-Id: <20220315002506.152030-1-richard.henderson@linaro.org>
|
||||||
|
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
|
||||||
|
Tested-by: Thomas Huth <thuth@redhat.com>
|
||||||
|
Signed-off-by: Thomas Huth <thuth@redhat.com>
|
||||||
|
---
|
||||||
|
accel/tcg/cputlb.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/accel/tcg/cputlb.c b/accel/tcg/cputlb.c
|
||||||
|
index 3b918fe018..2035b2ac0a 100644
|
||||||
|
--- a/accel/tcg/cputlb.c
|
||||||
|
+++ b/accel/tcg/cputlb.c
|
||||||
|
@@ -2174,7 +2174,7 @@ uint32_t cpu_ldl_be_mmu(CPUArchState *env, abi_ptr addr,
|
||||||
|
uint64_t cpu_ldq_be_mmu(CPUArchState *env, abi_ptr addr,
|
||||||
|
MemOpIdx oi, uintptr_t ra)
|
||||||
|
{
|
||||||
|
- return cpu_load_helper(env, addr, oi, MO_BEQ, helper_be_ldq_mmu);
|
||||||
|
+ return cpu_load_helper(env, addr, oi, ra, helper_be_ldq_mmu);
|
||||||
|
}
|
||||||
|
|
||||||
|
uint16_t cpu_ldw_le_mmu(CPUArchState *env, abi_ptr addr,
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
|
@ -0,0 +1,90 @@
|
||||||
|
From 8cdb99af45365727ac17f45239a9b8c1d5155c6d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Date: Mon, 27 Dec 2021 14:31:17 -0500
|
||||||
|
Subject: [PATCH] acpi: fix QEMU crash when started with SLIC table
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
if QEMU is started with used provided SLIC table blob,
|
||||||
|
|
||||||
|
-acpitable sig=SLIC,oem_id='CRASH ',oem_table_id="ME",oem_rev=00002210,asl_compiler_id="",asl_compiler_rev=00000000,data=/dev/null
|
||||||
|
it will assert with:
|
||||||
|
|
||||||
|
hw/acpi/aml-build.c:61:build_append_padded_str: assertion failed: (len <= maxlen)
|
||||||
|
|
||||||
|
and following backtrace:
|
||||||
|
|
||||||
|
...
|
||||||
|
build_append_padded_str (array=0x555556afe320, str=0x555556afdb2e "CRASH ME", maxlen=0x6, pad=0x20) at hw/acpi/aml-build.c:61
|
||||||
|
acpi_table_begin (desc=0x7fffffffd1b0, array=0x555556afe320) at hw/acpi/aml-build.c:1727
|
||||||
|
build_fadt (tbl=0x555556afe320, linker=0x555557ca3830, f=0x7fffffffd318, oem_id=0x555556afdb2e "CRASH ME", oem_table_id=0x555556afdb34 "ME") at hw/acpi/aml-build.c:2064
|
||||||
|
...
|
||||||
|
|
||||||
|
which happens due to acpi_table_begin() expecting NULL terminated
|
||||||
|
oem_id and oem_table_id strings, which is normally the case, but
|
||||||
|
in case of user provided SLIC table, oem_id points to table's blob
|
||||||
|
directly and as result oem_id became longer than expected.
|
||||||
|
|
||||||
|
Fix issue by handling oem_id consistently and make acpi_get_slic_oem()
|
||||||
|
return NULL terminated strings.
|
||||||
|
|
||||||
|
PS:
|
||||||
|
After [1] refactoring, oem_id semantics became inconsistent, where
|
||||||
|
NULL terminated string was coming from machine and old way pointer
|
||||||
|
into byte array coming from -acpitable option. That used to work
|
||||||
|
since build_header() wasn't expecting NULL terminated string and
|
||||||
|
blindly copied the 1st 6 bytes only.
|
||||||
|
|
||||||
|
However commit [2] broke that by replacing build_header() with
|
||||||
|
acpi_table_begin(), which was expecting NULL terminated string
|
||||||
|
and was checking oem_id size.
|
||||||
|
|
||||||
|
1) 602b45820 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
|
||||||
|
2)
|
||||||
|
Fixes: 4b56e1e4eb08 ("acpi: build_fadt: use acpi_table_begin()/acpi_table_end() instead of build_header()")
|
||||||
|
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/786
|
||||||
|
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Message-Id: <20211227193120.1084176-2-imammedo@redhat.com>
|
||||||
|
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
|
||||||
|
Tested-by: Denis Lisov <dennis.lissov@gmail.com>
|
||||||
|
Tested-by: Alexander Tsoy <alexander@tsoy.me>
|
||||||
|
Cc: qemu-stable@nongnu.org
|
||||||
|
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
---
|
||||||
|
hw/acpi/core.c | 4 ++--
|
||||||
|
hw/i386/acpi-build.c | 2 ++
|
||||||
|
2 files changed, 4 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/hw/acpi/core.c b/hw/acpi/core.c
|
||||||
|
index 1e004d0078..3e811bf03c 100644
|
||||||
|
--- a/hw/acpi/core.c
|
||||||
|
+++ b/hw/acpi/core.c
|
||||||
|
@@ -345,8 +345,8 @@ int acpi_get_slic_oem(AcpiSlicOem *oem)
|
||||||
|
struct acpi_table_header *hdr = (void *)(u - sizeof(hdr->_length));
|
||||||
|
|
||||||
|
if (memcmp(hdr->sig, "SLIC", 4) == 0) {
|
||||||
|
- oem->id = hdr->oem_id;
|
||||||
|
- oem->table_id = hdr->oem_table_id;
|
||||||
|
+ oem->id = g_strndup(hdr->oem_id, 6);
|
||||||
|
+ oem->table_id = g_strndup(hdr->oem_table_id, 8);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
|
||||||
|
index 8383b83ee3..0234fe7588 100644
|
||||||
|
--- a/hw/i386/acpi-build.c
|
||||||
|
+++ b/hw/i386/acpi-build.c
|
||||||
|
@@ -2723,6 +2723,8 @@ void acpi_build(AcpiBuildTables *tables, MachineState *machine)
|
||||||
|
|
||||||
|
/* Cleanup memory that's no longer used. */
|
||||||
|
g_array_free(table_offsets, true);
|
||||||
|
+ g_free(slic_oem.id);
|
||||||
|
+ g_free(slic_oem.table_id);
|
||||||
|
}
|
||||||
|
|
||||||
|
static void acpi_ram_update(MemoryRegion *mr, GArray *data)
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
|
@ -0,0 +1,27 @@
|
||||||
|
From 509b6078631ad2437e1a452f749831e401fb8afb Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Date: Tue, 1 Feb 2022 20:09:37 +0100
|
||||||
|
Subject: [PATCH] target/i386: the sgx_epc_get_section stub is reachable
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
The sgx_epc_get_section stub is reachable from cpu_x86_cpuid. It
|
||||||
|
should not assert, instead it should just return true just like
|
||||||
|
the "real" sgx_epc_get_section does when SGX is disabled.
|
||||||
|
|
||||||
|
Reported-by: Vladimír Beneš <vbenes@redhat.com>
|
||||||
|
Cc: qemu-stable@nongnu.org
|
||||||
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
|
||||||
|
diff --git a/hw/i386/sgx-stub.c b/hw/i386/sgx-stub.c
|
||||||
|
index 26833eb233..16b1dfd90b 100644
|
||||||
|
--- a/hw/i386/sgx-stub.c
|
||||||
|
+++ b/hw/i386/sgx-stub.c
|
||||||
|
@@ -34,5 +34,5 @@ void pc_machine_init_sgx_epc(PCMachineState *pcms)
|
||||||
|
|
||||||
|
bool sgx_epc_get_section(int section_nr, uint64_t *addr, uint64_t *size)
|
||||||
|
{
|
||||||
|
- g_assert_not_reached();
|
||||||
|
+ return true;
|
||||||
|
}
|
|
@ -0,0 +1,58 @@
|
||||||
|
From 7b223e38603de3a75602e14914d26f9d4baf52eb Mon Sep 17 00:00:00 2001
|
||||||
|
From: Christian Ehrhardt <christian.ehrhardt@canonical.com>
|
||||||
|
Date: Wed, 9 Feb 2022 12:14:56 +0100
|
||||||
|
Subject: [PATCH 1/2] tools/virtiofsd: Add rseq syscall to the seccomp
|
||||||
|
allowlist
|
||||||
|
|
||||||
|
The virtiofsd currently crashes when used with glibc 2.35.
|
||||||
|
That is due to the rseq system call being added to every thread
|
||||||
|
creation [1][2].
|
||||||
|
|
||||||
|
[1]: https://www.efficios.com/blog/2019/02/08/linux-restartable-sequences/
|
||||||
|
[2]: https://sourceware.org/pipermail/libc-alpha/2022-February/136040.html
|
||||||
|
|
||||||
|
This happens not at daemon start, but when a guest connects
|
||||||
|
|
||||||
|
/usr/lib/qemu/virtiofsd -f --socket-path=/tmp/testvfsd -o sandbox=chroot \
|
||||||
|
-o source=/var/guests/j-virtiofs --socket-group=kvm
|
||||||
|
virtio_session_mount: Waiting for vhost-user socket connection...
|
||||||
|
# start ok, now guest will connect
|
||||||
|
virtio_session_mount: Received vhost-user socket connection
|
||||||
|
virtio_loop: Entry
|
||||||
|
fv_queue_set_started: qidx=0 started=1
|
||||||
|
fv_queue_set_started: qidx=1 started=1
|
||||||
|
Bad system call (core dumped)
|
||||||
|
|
||||||
|
We have to put rseq on the seccomp allowlist to avoid that the daemon
|
||||||
|
is crashing in this case.
|
||||||
|
|
||||||
|
Reported-by: Michael Hudson-Doyle <michael.hudson@canonical.com>
|
||||||
|
Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
|
||||||
|
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||||
|
Message-id: 20220209111456.3328420-1-christian.ehrhardt@canonical.com
|
||||||
|
|
||||||
|
[Moved rseq to its alphabetically ordered position in the seccomp
|
||||||
|
allowlist.
|
||||||
|
--Stefan]
|
||||||
|
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||||
|
---
|
||||||
|
tools/virtiofsd/passthrough_seccomp.c | 3 +++
|
||||||
|
1 file changed, 3 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/tools/virtiofsd/passthrough_seccomp.c b/tools/virtiofsd/passthrough_seccomp.c
|
||||||
|
index a3ce9f898d..2bc0127b69 100644
|
||||||
|
--- a/tools/virtiofsd/passthrough_seccomp.c
|
||||||
|
+++ b/tools/virtiofsd/passthrough_seccomp.c
|
||||||
|
@@ -91,6 +91,9 @@ static const int syscall_allowlist[] = {
|
||||||
|
SCMP_SYS(renameat2),
|
||||||
|
SCMP_SYS(removexattr),
|
||||||
|
SCMP_SYS(restart_syscall),
|
||||||
|
+#ifdef __NR_rseq
|
||||||
|
+ SCMP_SYS(rseq), /* required since glibc 2.35 */
|
||||||
|
+#endif
|
||||||
|
SCMP_SYS(rt_sigaction),
|
||||||
|
SCMP_SYS(rt_sigprocmask),
|
||||||
|
SCMP_SYS(rt_sigreturn),
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
|
@ -0,0 +1,101 @@
|
||||||
|
From 449e8171f96a6a944d1f3b7d3627ae059eae21ca Mon Sep 17 00:00:00 2001
|
||||||
|
From: Vivek Goyal <vgoyal@redhat.com>
|
||||||
|
Date: Tue, 25 Jan 2022 13:51:14 -0500
|
||||||
|
Subject: [PATCH] virtiofsd: Drop membership of all supplementary groups
|
||||||
|
(CVE-2022-0358)
|
||||||
|
|
||||||
|
At the start, drop membership of all supplementary groups. This is
|
||||||
|
not required.
|
||||||
|
|
||||||
|
If we have membership of "root" supplementary group and when we switch
|
||||||
|
uid/gid using setresuid/setsgid, we still retain membership of existing
|
||||||
|
supplemntary groups. And that can allow some operations which are not
|
||||||
|
normally allowed.
|
||||||
|
|
||||||
|
For example, if root in guest creates a dir as follows.
|
||||||
|
|
||||||
|
$ mkdir -m 03777 test_dir
|
||||||
|
|
||||||
|
This sets SGID on dir as well as allows unprivileged users to write into
|
||||||
|
this dir.
|
||||||
|
|
||||||
|
And now as unprivileged user open file as follows.
|
||||||
|
|
||||||
|
$ su test
|
||||||
|
$ fd = open("test_dir/priviledge_id", O_RDWR|O_CREAT|O_EXCL, 02755);
|
||||||
|
|
||||||
|
This will create SGID set executable in test_dir/.
|
||||||
|
|
||||||
|
And that's a problem because now an unpriviliged user can execute it,
|
||||||
|
get egid=0 and get access to resources owned by "root" group. This is
|
||||||
|
privilege escalation.
|
||||||
|
|
||||||
|
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2044863
|
||||||
|
Fixes: CVE-2022-0358
|
||||||
|
Reported-by: JIETAO XIAO <shawtao1125@gmail.com>
|
||||||
|
Suggested-by: Miklos Szeredi <mszeredi@redhat.com>
|
||||||
|
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
|
||||||
|
Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||||
|
Signed-off-by: Vivek Goyal <vgoyal@redhat.com>
|
||||||
|
Message-Id: <YfBGoriS38eBQrAb@redhat.com>
|
||||||
|
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||||
|
dgilbert: Fixed missing {}'s style nit
|
||||||
|
---
|
||||||
|
tools/virtiofsd/passthrough_ll.c | 27 +++++++++++++++++++++++++++
|
||||||
|
1 file changed, 27 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
|
||||||
|
index 64b5b4fbb1..b3d0674f6d 100644
|
||||||
|
--- a/tools/virtiofsd/passthrough_ll.c
|
||||||
|
+++ b/tools/virtiofsd/passthrough_ll.c
|
||||||
|
@@ -54,6 +54,7 @@
|
||||||
|
#include <sys/wait.h>
|
||||||
|
#include <sys/xattr.h>
|
||||||
|
#include <syslog.h>
|
||||||
|
+#include <grp.h>
|
||||||
|
|
||||||
|
#include "qemu/cutils.h"
|
||||||
|
#include "passthrough_helpers.h"
|
||||||
|
@@ -1161,6 +1162,30 @@ static void lo_lookup(fuse_req_t req, fuse_ino_t parent, const char *name)
|
||||||
|
#define OURSYS_setresuid SYS_setresuid
|
||||||
|
#endif
|
||||||
|
|
||||||
|
+static void drop_supplementary_groups(void)
|
||||||
|
+{
|
||||||
|
+ int ret;
|
||||||
|
+
|
||||||
|
+ ret = getgroups(0, NULL);
|
||||||
|
+ if (ret == -1) {
|
||||||
|
+ fuse_log(FUSE_LOG_ERR, "getgroups() failed with error=%d:%s\n",
|
||||||
|
+ errno, strerror(errno));
|
||||||
|
+ exit(1);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (!ret) {
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ /* Drop all supplementary groups. We should not need it */
|
||||||
|
+ ret = setgroups(0, NULL);
|
||||||
|
+ if (ret == -1) {
|
||||||
|
+ fuse_log(FUSE_LOG_ERR, "setgroups() failed with error=%d:%s\n",
|
||||||
|
+ errno, strerror(errno));
|
||||||
|
+ exit(1);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* Change to uid/gid of caller so that file is created with
|
||||||
|
* ownership of caller.
|
||||||
|
@@ -3926,6 +3951,8 @@ int main(int argc, char *argv[])
|
||||||
|
|
||||||
|
qemu_init_exec_dir(argv[0]);
|
||||||
|
|
||||||
|
+ drop_supplementary_groups();
|
||||||
|
+
|
||||||
|
pthread_mutex_init(&lo.mutex, NULL);
|
||||||
|
lo.inodes = g_hash_table_new(lo_key_hash, lo_key_equal);
|
||||||
|
lo.root.fd = -1;
|
||||||
|
--
|
||||||
|
GitLab
|
||||||
|
|
|
@ -0,0 +1,41 @@
|
||||||
|
From 41af4459ac47e107093c3f54b6875d54723aa613 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Sebastian Hasler <sebastian.hasler@stuvus.uni-stuttgart.de>
|
||||||
|
Date: Thu, 13 Jan 2022 16:32:49 +0100
|
||||||
|
Subject: [PATCH 2/2] virtiofsd: Do not support blocking flock
|
||||||
|
|
||||||
|
With the current implementation, blocking flock can lead to
|
||||||
|
deadlock. Thus, it's better to return EOPNOTSUPP if a user attempts
|
||||||
|
to perform a blocking flock request.
|
||||||
|
|
||||||
|
Signed-off-by: Sebastian Hasler <sebastian.hasler@stuvus.uni-stuttgart.de>
|
||||||
|
Message-Id: <20220113153249.710216-1-sebastian.hasler@stuvus.uni-stuttgart.de>
|
||||||
|
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
|
||||||
|
Reviewed-by: Vivek Goyal <vgoyal@redhat.com>
|
||||||
|
Reviewed-by: Greg Kurz <groug@kaod.org>
|
||||||
|
---
|
||||||
|
tools/virtiofsd/passthrough_ll.c | 9 +++++++++
|
||||||
|
1 file changed, 9 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
|
||||||
|
index b3d0674f6d..3e56d1cd95 100644
|
||||||
|
--- a/tools/virtiofsd/passthrough_ll.c
|
||||||
|
+++ b/tools/virtiofsd/passthrough_ll.c
|
||||||
|
@@ -2467,6 +2467,15 @@ static void lo_flock(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi,
|
||||||
|
int res;
|
||||||
|
(void)ino;
|
||||||
|
|
||||||
|
+ if (!(op & LOCK_NB)) {
|
||||||
|
+ /*
|
||||||
|
+ * Blocking flock can deadlock as there is only one thread
|
||||||
|
+ * serving the queue.
|
||||||
|
+ */
|
||||||
|
+ fuse_reply_err(req, EOPNOTSUPP);
|
||||||
|
+ return;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
res = flock(lo_fi_fd(req, fi), op);
|
||||||
|
|
||||||
|
fuse_reply_err(req, res == -1 ? errno : 0);
|
||||||
|
--
|
||||||
|
2.35.1
|
||||||
|
|
|
@ -0,0 +1,65 @@
|
||||||
|
From 06e277d27dae489dcd3d70cc8c84b20015777978 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Date: Wed, 12 Jan 2022 08:03:29 -0500
|
||||||
|
Subject: [PATCH] tests: acpi: manually pad OEM_ID/OEM_TABLE_ID for
|
||||||
|
test_oem_fields() test
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
The next commit will revert OEM fields padding with whitespace to
|
||||||
|
padding with '\0' as it was before [1]. As result test_oem_fields() will
|
||||||
|
fail due to unexpectedly smaller ID sizes read from QEMU ACPI tables.
|
||||||
|
|
||||||
|
Pad OEM_ID/OEM_TABLE_ID manually with spaces so that values the test
|
||||||
|
puts on QEMU CLI and expected values match.
|
||||||
|
|
||||||
|
1) 602b458201 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
|
||||||
|
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Message-Id: <20220112130332.1648664-2-imammedo@redhat.com>
|
||||||
|
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
(cherry picked from commit a849522f726767022203ef2b6c395ea19facb866)
|
||||||
|
---
|
||||||
|
tests/qtest/bios-tables-test.c | 15 ++++++---------
|
||||||
|
1 file changed, 6 insertions(+), 9 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c
|
||||||
|
index 258874167e..f5ae719b96 100644
|
||||||
|
--- a/tests/qtest/bios-tables-test.c
|
||||||
|
+++ b/tests/qtest/bios-tables-test.c
|
||||||
|
@@ -71,9 +71,10 @@
|
||||||
|
|
||||||
|
#define ACPI_REBUILD_EXPECTED_AML "TEST_ACPI_REBUILD_AML"
|
||||||
|
|
||||||
|
-#define OEM_ID "TEST"
|
||||||
|
-#define OEM_TABLE_ID "OEM"
|
||||||
|
-#define OEM_TEST_ARGS "-machine x-oem-id="OEM_ID",x-oem-table-id="OEM_TABLE_ID
|
||||||
|
+#define OEM_ID "TEST "
|
||||||
|
+#define OEM_TABLE_ID "OEM "
|
||||||
|
+#define OEM_TEST_ARGS "-machine x-oem-id='" OEM_ID "',x-oem-table-id='" \
|
||||||
|
+ OEM_TABLE_ID "'"
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
bool tcg_only;
|
||||||
|
@@ -1468,11 +1469,7 @@ static void test_acpi_virt_tcg(void)
|
||||||
|
static void test_oem_fields(test_data *data)
|
||||||
|
{
|
||||||
|
int i;
|
||||||
|
- char oem_id[6];
|
||||||
|
- char oem_table_id[8];
|
||||||
|
|
||||||
|
- strpadcpy(oem_id, sizeof oem_id, OEM_ID, ' ');
|
||||||
|
- strpadcpy(oem_table_id, sizeof oem_table_id, OEM_TABLE_ID, ' ');
|
||||||
|
for (i = 0; i < data->tables->len; ++i) {
|
||||||
|
AcpiSdtTable *sdt;
|
||||||
|
|
||||||
|
@@ -1482,8 +1479,8 @@ static void test_oem_fields(test_data *data)
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
- g_assert(memcmp(sdt->aml + 10, oem_id, 6) == 0);
|
||||||
|
- g_assert(memcmp(sdt->aml + 16, oem_table_id, 8) == 0);
|
||||||
|
+ g_assert(memcmp(sdt->aml + 10, OEM_ID, 6) == 0);
|
||||||
|
+ g_assert(memcmp(sdt->aml + 16, OEM_TABLE_ID, 8) == 0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,38 @@
|
||||||
|
From 83a99be0e3ae93df84f7cd20ac9f6495cc9d0c63 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Date: Wed, 12 Jan 2022 08:03:30 -0500
|
||||||
|
Subject: [PATCH] tests: acpi: whitelist nvdimm's SSDT and FACP.slic expected
|
||||||
|
blobs
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
The next commit will revert OEM fields whitespace padding to
|
||||||
|
padding with '\0' as it was before [1]. That will change OEM
|
||||||
|
Table ID for:
|
||||||
|
* SSDT.*: where it was padded from 6 characters to 8
|
||||||
|
* FACP.slic: where it was padded from 2 characters to 8
|
||||||
|
after reverting whitespace padding, it will be replaced with
|
||||||
|
'\0' which effectively will shorten OEM table ID to 6 and 2
|
||||||
|
characters.
|
||||||
|
|
||||||
|
Whitelist affected tables before introducing the change.
|
||||||
|
|
||||||
|
1) 602b458201 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
|
||||||
|
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Message-Id: <20220112130332.1648664-3-imammedo@redhat.com>
|
||||||
|
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
(cherry picked from commit d1e4a4654154925eddf0fc449fa9c92b806b9c8c)
|
||||||
|
---
|
||||||
|
tests/qtest/bios-tables-test-allowed-diff.h | 4 ++++
|
||||||
|
1 file changed, 4 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h
|
||||||
|
index dfb8523c8b..7faa8f53be 100644
|
||||||
|
--- a/tests/qtest/bios-tables-test-allowed-diff.h
|
||||||
|
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
|
||||||
|
@@ -1 +1,5 @@
|
||||||
|
/* List of comma-separated changed AML files to ignore */
|
||||||
|
+"tests/data/acpi/virt/SSDT.memhp",
|
||||||
|
+"tests/data/acpi/pc/SSDT.dimmpxm",
|
||||||
|
+"tests/data/acpi/q35/SSDT.dimmpxm",
|
||||||
|
+"tests/data/acpi/q35/FACP.slic",
|
|
@ -0,0 +1,59 @@
|
||||||
|
From b1e3d3ee5ab5be89257075201ecfeab93ec8dd5e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Date: Wed, 12 Jan 2022 08:03:31 -0500
|
||||||
|
Subject: [PATCH] acpi: fix OEM ID/OEM Table ID padding
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
Commit [2] broke original '\0' padding of OEM ID and OEM Table ID
|
||||||
|
fields in headers of ACPI tables. While it doesn't have impact on
|
||||||
|
default values since QEMU uses 6 and 8 characters long values
|
||||||
|
respectively, it broke usecase where IDs are provided on QEMU CLI.
|
||||||
|
It shouldn't affect guest (but may cause licensing verification
|
||||||
|
issues in guest OS).
|
||||||
|
One of the broken usecases is user supplied SLIC table with IDs
|
||||||
|
shorter than max possible length, where [2] mangles IDs with extra
|
||||||
|
spaces in RSDT and FADT tables whereas guest OS expects those to
|
||||||
|
mirror the respective values of the used SLIC table.
|
||||||
|
|
||||||
|
Fix it by replacing whitespace padding with '\0' padding in
|
||||||
|
accordance with [1] and expectations of guest OS
|
||||||
|
|
||||||
|
1) ACPI spec, v2.0b
|
||||||
|
17.2 AML Grammar Definition
|
||||||
|
...
|
||||||
|
//OEM ID of up to 6 characters. If the OEM ID is
|
||||||
|
//shorter than 6 characters, it can be terminated
|
||||||
|
//with a NULL character.
|
||||||
|
|
||||||
|
2)
|
||||||
|
Fixes: 602b458201 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
|
||||||
|
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/707
|
||||||
|
Reported-by: Dmitry V. Orekhov <dima.orekhov@gmail.com>
|
||||||
|
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Cc: qemu-stable@nongnu.org
|
||||||
|
Message-Id: <20220112130332.1648664-4-imammedo@redhat.com>
|
||||||
|
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
Reviewed-by: Ani Sinha <ani@anisinha.ca>
|
||||||
|
Tested-by: Dmitry V. Orekhov dima.orekhov@gmail.com
|
||||||
|
(cherry picked from commit 748c030f360a940fe0c9382c8ca1649096c3a80d)
|
||||||
|
---
|
||||||
|
hw/acpi/aml-build.c | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/hw/acpi/aml-build.c b/hw/acpi/aml-build.c
|
||||||
|
index b3b3310df3..65148d5b9d 100644
|
||||||
|
--- a/hw/acpi/aml-build.c
|
||||||
|
+++ b/hw/acpi/aml-build.c
|
||||||
|
@@ -1724,9 +1724,9 @@ void acpi_table_begin(AcpiTable *desc, GArray *array)
|
||||||
|
build_append_int_noprefix(array, 0, 4); /* Length */
|
||||||
|
build_append_int_noprefix(array, desc->rev, 1); /* Revision */
|
||||||
|
build_append_int_noprefix(array, 0, 1); /* Checksum */
|
||||||
|
- build_append_padded_str(array, desc->oem_id, 6, ' '); /* OEMID */
|
||||||
|
+ build_append_padded_str(array, desc->oem_id, 6, '\0'); /* OEMID */
|
||||||
|
/* OEM Table ID */
|
||||||
|
- build_append_padded_str(array, desc->oem_table_id, 8, ' ');
|
||||||
|
+ build_append_padded_str(array, desc->oem_table_id, 8, '\0');
|
||||||
|
build_append_int_noprefix(array, 1, 4); /* OEM Revision */
|
||||||
|
g_array_append_vals(array, ACPI_BUILD_APPNAME8, 4); /* Creator ID */
|
||||||
|
build_append_int_noprefix(array, 1, 4); /* Creator Revision */
|
|
@ -0,0 +1,58 @@
|
||||||
|
From 153f39dc6eec56092cc2b44b5690c9cdd77927b4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Date: Fri, 14 Jan 2022 09:26:41 -0500
|
||||||
|
Subject: [PATCH] tests: acpi: test short OEM_ID/OEM_TABLE_ID values in
|
||||||
|
test_oem_fields()
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
Previous patch [1] added explicit whitespace padding to OEM_ID/OEM_TABLE_ID
|
||||||
|
values used in test_oem_fields() testcase to avoid false positive and
|
||||||
|
bisection issues when QEMU is switched to \0' padding. As result
|
||||||
|
testcase ceased to test values that were shorter than max possible
|
||||||
|
length values.
|
||||||
|
|
||||||
|
Update testcase to make sure that it's testing shorter IDs like it
|
||||||
|
used to before [2].
|
||||||
|
|
||||||
|
1) "tests: acpi: manually pad OEM_ID/OEM_TABLE_ID for test_oem_fields() test"
|
||||||
|
2) 602b458201 ("acpi: Permit OEM ID and OEM table ID fields to be changed")
|
||||||
|
|
||||||
|
Signed-off-by: Igor Mammedov <imammedo@redhat.com>
|
||||||
|
Message-Id: <20220114142641.1727679-1-imammedo@redhat.com>
|
||||||
|
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
|
||||||
|
(cherry picked from commit 408ca92634770de5eac7965ed97c6260e770f2e7)
|
||||||
|
---
|
||||||
|
tests/qtest/bios-tables-test.c | 12 ++++++------
|
||||||
|
1 file changed, 6 insertions(+), 6 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/tests/qtest/bios-tables-test.c b/tests/qtest/bios-tables-test.c
|
||||||
|
index f5ae719b96..5c497aa0ae 100644
|
||||||
|
--- a/tests/qtest/bios-tables-test.c
|
||||||
|
+++ b/tests/qtest/bios-tables-test.c
|
||||||
|
@@ -71,10 +71,10 @@
|
||||||
|
|
||||||
|
#define ACPI_REBUILD_EXPECTED_AML "TEST_ACPI_REBUILD_AML"
|
||||||
|
|
||||||
|
-#define OEM_ID "TEST "
|
||||||
|
-#define OEM_TABLE_ID "OEM "
|
||||||
|
-#define OEM_TEST_ARGS "-machine x-oem-id='" OEM_ID "',x-oem-table-id='" \
|
||||||
|
- OEM_TABLE_ID "'"
|
||||||
|
+#define OEM_ID "TEST"
|
||||||
|
+#define OEM_TABLE_ID "OEM"
|
||||||
|
+#define OEM_TEST_ARGS "-machine x-oem-id=" OEM_ID ",x-oem-table-id=" \
|
||||||
|
+ OEM_TABLE_ID
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
bool tcg_only;
|
||||||
|
@@ -1479,8 +1479,8 @@ static void test_oem_fields(test_data *data)
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
- g_assert(memcmp(sdt->aml + 10, OEM_ID, 6) == 0);
|
||||||
|
- g_assert(memcmp(sdt->aml + 16, OEM_TABLE_ID, 8) == 0);
|
||||||
|
+ g_assert(strncmp((char *)sdt->aml + 10, OEM_ID, 6) == 0);
|
||||||
|
+ g_assert(strncmp((char *)sdt->aml + 16, OEM_TABLE_ID, 8) == 0);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,63 @@
|
||||||
|
From 1bf4552b6faded64ac89c6a25bcff9f912f2667d Mon Sep 17 00:00:00 2001
|
||||||
|
From: Murilo Opsfelder Araujo <muriloo@linux.ibm.com>
|
||||||
|
Date: Fri, 11 Mar 2022 19:16:34 -0300
|
||||||
|
Subject: [PATCH] block-qdict: Fix -Werror=maybe-uninitialized build failure
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
Building QEMU on Fedora 37 (Rawhide Prerelease) ppc64le failed with the
|
||||||
|
following error:
|
||||||
|
|
||||||
|
$ ../configure --prefix=/usr/local/qemu-disabletcg --target-list=ppc-softmmu,ppc64-softmmu --disable-tcg --disable-linux-user
|
||||||
|
...
|
||||||
|
$ make -j$(nproc)
|
||||||
|
...
|
||||||
|
In file included from /root/qemu/include/qapi/qmp/qdict.h:16,
|
||||||
|
from /root/qemu/include/block/qdict.h:13,
|
||||||
|
from ../qobject/block-qdict.c:11:
|
||||||
|
/root/qemu/include/qapi/qmp/qobject.h: In function ‘qdict_array_split’:
|
||||||
|
/root/qemu/include/qapi/qmp/qobject.h:49:17: error: ‘subqdict’ may be used uninitialized [-Werror=maybe-uninitialized]
|
||||||
|
49 | typeof(obj) _obj = (obj); \
|
||||||
|
| ^~~~
|
||||||
|
../qobject/block-qdict.c:227:16: note: ‘subqdict’ declared here
|
||||||
|
227 | QDict *subqdict;
|
||||||
|
| ^~~~~~~~
|
||||||
|
cc1: all warnings being treated as errors
|
||||||
|
|
||||||
|
Fix build failure by expanding the ternary operation.
|
||||||
|
Tested with `make check-unit` (the check-block-qdict test passed).
|
||||||
|
|
||||||
|
Signed-off-by: Murilo Opsfelder Araujo <muriloo@linux.ibm.com>
|
||||||
|
Cc: Kevin Wolf <kwolf@redhat.com>
|
||||||
|
Cc: Hanna Reitz <hreitz@redhat.com>
|
||||||
|
Cc: Markus Armbruster <armbru@redhat.com>
|
||||||
|
Message-Id: <20220311221634.58288-1-muriloo@linux.ibm.com>
|
||||||
|
Reviewed-by: Markus Armbruster <armbru@redhat.com>
|
||||||
|
Signed-off-by: Markus Armbruster <armbru@redhat.com>
|
||||||
|
Tested-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
|
||||||
|
(cherry picked from commit 79854b95446396c8e7f397800c5d86c3d9a7540d)
|
||||||
|
---
|
||||||
|
qobject/block-qdict.c | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/qobject/block-qdict.c b/qobject/block-qdict.c
|
||||||
|
index 1487cc5dd8..4a83bda2c3 100644
|
||||||
|
--- a/qobject/block-qdict.c
|
||||||
|
+++ b/qobject/block-qdict.c
|
||||||
|
@@ -251,12 +251,12 @@ void qdict_array_split(QDict *src, QList **dst)
|
||||||
|
if (is_subqdict) {
|
||||||
|
qdict_extract_subqdict(src, &subqdict, prefix);
|
||||||
|
assert(qdict_size(subqdict) > 0);
|
||||||
|
+ qlist_append_obj(*dst, QOBJECT(subqdict));
|
||||||
|
} else {
|
||||||
|
qobject_ref(subqobj);
|
||||||
|
qdict_del(src, indexstr);
|
||||||
|
+ qlist_append_obj(*dst, subqobj);
|
||||||
|
}
|
||||||
|
-
|
||||||
|
- qlist_append_obj(*dst, subqobj ?: QOBJECT(subqdict));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,63 @@
|
||||||
|
From bab0144328d7a9c9c8659da264fbaeb6c1dfdbb6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
Date: Mon, 21 Mar 2022 15:30:18 +0100
|
||||||
|
Subject: [PATCH] hw/i386/amd_iommu: Fix maybe-uninitialized error with GCC 12
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
Be more explicit that the loop must roll at least once. Avoids the
|
||||||
|
following warning:
|
||||||
|
|
||||||
|
FAILED: libqemu-x86_64-softmmu.fa.p/hw_i386_amd_iommu.c.o
|
||||||
|
In function 'pte_get_page_mask',
|
||||||
|
inlined from 'amdvi_page_walk' at hw/i386/amd_iommu.c:945:25,
|
||||||
|
inlined from 'amdvi_do_translate' at hw/i386/amd_iommu.c:989:5,
|
||||||
|
inlined from 'amdvi_translate' at hw/i386/amd_iommu.c:1038:5:
|
||||||
|
hw/i386/amd_iommu.c:877:38: error: 'oldlevel' may be used uninitialized [-Werror=maybe-uninitialized]
|
||||||
|
877 | return ~((1UL << ((oldlevel * 9) + 3)) - 1);
|
||||||
|
| ~~~~~~~~~~~~~~~~^~~~
|
||||||
|
hw/i386/amd_iommu.c: In function 'amdvi_translate':
|
||||||
|
hw/i386/amd_iommu.c:906:41: note: 'oldlevel' was declared here
|
||||||
|
906 | unsigned level, present, pte_perms, oldlevel;
|
||||||
|
| ^~~~~~~~
|
||||||
|
cc1: all warnings being treated as errors
|
||||||
|
|
||||||
|
Having:
|
||||||
|
|
||||||
|
$ gcc --version
|
||||||
|
gcc (Debian 12-20220313-1) 12.0.1 20220314 (experimental)
|
||||||
|
|
||||||
|
Reported-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
|
||||||
|
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
|
||||||
|
(cherry picked from commit 17e6ffa6a5d2674cb2ebfd967d28b1048261d977)
|
||||||
|
---
|
||||||
|
hw/i386/amd_iommu.c | 7 ++-----
|
||||||
|
1 file changed, 2 insertions(+), 5 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/hw/i386/amd_iommu.c b/hw/i386/amd_iommu.c
|
||||||
|
index 91fe34ae58..f2960a0f38 100644
|
||||||
|
--- a/hw/i386/amd_iommu.c
|
||||||
|
+++ b/hw/i386/amd_iommu.c
|
||||||
|
@@ -911,7 +911,7 @@ static void amdvi_page_walk(AMDVIAddressSpace *as, uint64_t *dte,
|
||||||
|
}
|
||||||
|
|
||||||
|
/* we are at the leaf page table or page table encodes a huge page */
|
||||||
|
- while (level > 0) {
|
||||||
|
+ do {
|
||||||
|
pte_perms = amdvi_get_perms(pte);
|
||||||
|
present = pte & 1;
|
||||||
|
if (!present || perms != (perms & pte_perms)) {
|
||||||
|
@@ -930,10 +930,7 @@ static void amdvi_page_walk(AMDVIAddressSpace *as, uint64_t *dte,
|
||||||
|
}
|
||||||
|
oldlevel = level;
|
||||||
|
level = get_pte_translation_mode(pte);
|
||||||
|
- if (level == 0x7) {
|
||||||
|
- break;
|
||||||
|
- }
|
||||||
|
- }
|
||||||
|
+ } while (level > 0 && level < 7);
|
||||||
|
|
||||||
|
if (level == 0x7) {
|
||||||
|
page_mask = pte_override_page_mask(pte);
|
|
@ -0,0 +1,51 @@
|
||||||
|
From 11902ed45f0ca9643f656dba4d630d276080ead2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Cole Robinson <crobinso@redhat.com>
|
||||||
|
Date: Tue, 17 May 2022 15:19:02 -0400
|
||||||
|
Subject: [PATCH] Update bios-table-test blobs after bugfix backports
|
||||||
|
Content-type: text/plain
|
||||||
|
|
||||||
|
Signed-off-by: Cole Robinson <crobinso@redhat.com>
|
||||||
|
---
|
||||||
|
tests/data/acpi/pc/SSDT.dimmpxm | Bin 734 -> 734 bytes
|
||||||
|
tests/data/acpi/q35/SSDT.dimmpxm | Bin 734 -> 734 bytes
|
||||||
|
tests/data/acpi/virt/SSDT.memhp | Bin 736 -> 736 bytes
|
||||||
|
tests/qtest/bios-tables-test-allowed-diff.h | 4 ----
|
||||||
|
4 files changed, 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/tests/data/acpi/pc/SSDT.dimmpxm b/tests/data/acpi/pc/SSDT.dimmpxm
|
||||||
|
index a50a961fa1d9b0dd8ea4096d652c83bcf04db20b..ac55387d57e48adb99eb738a102308688a262fb8 100644
|
||||||
|
GIT binary patch
|
||||||
|
delta 33
|
||||||
|
ocmcb|dXH5iIM^lR9uortW0;e_vq!LkUzm%huP+0`Mu}rg0HzrUKL7v#
|
||||||
|
|
||||||
|
delta 33
|
||||||
|
ocmcb|dXH5iIM^lR9uortqnMMwvq!LkUzm%hudjl_Mu}rg0HV1GKL7v#
|
||||||
|
|
||||||
|
diff --git a/tests/data/acpi/q35/SSDT.dimmpxm b/tests/data/acpi/q35/SSDT.dimmpxm
|
||||||
|
index 617a1c911c7d6753bcedc8ecc52e3027a5259ad6..98e6f0e3f3bb02dd419e36bdd1db9b94c728c406 100644
|
||||||
|
GIT binary patch
|
||||||
|
delta 33
|
||||||
|
ocmcb|dXH5iIM^lR9uortqnnezvq!LkUzm%huP+0`Mu}rg0Ho;&F8}}l
|
||||||
|
|
||||||
|
delta 33
|
||||||
|
ocmcb|dXH5iIM^lR9uortBb$@Ivq!LkUzm%hudjl_Mu}rg0HKKqF8}}l
|
||||||
|
|
||||||
|
diff --git a/tests/data/acpi/virt/SSDT.memhp b/tests/data/acpi/virt/SSDT.memhp
|
||||||
|
index e8b850ae2239d8f496b12de672c2a1268e2f269d..375d7b6fc85a484f492a26ccd355c205f2c34473 100644
|
||||||
|
GIT binary patch
|
||||||
|
delta 33
|
||||||
|
ocmaFB`hZm;IM^lR0TTlQqrH>Avq!LkUzm%huP+0`Mu`(l0HqiSFaQ7m
|
||||||
|
|
||||||
|
delta 33
|
||||||
|
ocmaFB`hZm;IM^lR0TTlQ<9{cAXOCb7zc3e1Uta}<jS?rA0JOLYFaQ7m
|
||||||
|
|
||||||
|
diff --git a/tests/qtest/bios-tables-test-allowed-diff.h b/tests/qtest/bios-tables-test-allowed-diff.h
|
||||||
|
index 7faa8f53be..dfb8523c8b 100644
|
||||||
|
--- a/tests/qtest/bios-tables-test-allowed-diff.h
|
||||||
|
+++ b/tests/qtest/bios-tables-test-allowed-diff.h
|
||||||
|
@@ -1,5 +1 @@
|
||||||
|
/* List of comma-separated changed AML files to ignore */
|
||||||
|
-"tests/data/acpi/virt/SSDT.memhp",
|
||||||
|
-"tests/data/acpi/pc/SSDT.dimmpxm",
|
||||||
|
-"tests/data/acpi/q35/SSDT.dimmpxm",
|
||||||
|
-"tests/data/acpi/q35/FACP.slic",
|
|
@ -0,0 +1,39 @@
|
||||||
|
qemu-kvm-tests README
|
||||||
|
=====================
|
||||||
|
|
||||||
|
The qemu-kvm-tests rpm contains tests that can be used to verify the
|
||||||
|
functionality of the installed qemu-kvm package
|
||||||
|
|
||||||
|
When installed, the files from this rpm will be arranged in the following
|
||||||
|
directory structure
|
||||||
|
|
||||||
|
tests-src/
|
||||||
|
├── README
|
||||||
|
├── scripts
|
||||||
|
│ ├── qemu.py
|
||||||
|
│ └── qmp
|
||||||
|
└── tests
|
||||||
|
├── acceptance
|
||||||
|
├── Makefile.include
|
||||||
|
└── qemu-iotests
|
||||||
|
|
||||||
|
The tests/ directory within the tests-src/ directory is setup to remain a copy
|
||||||
|
of a subset of the tests/ directory from the QEMU source tree
|
||||||
|
|
||||||
|
The avocado_qemu tests and qemu-iotests, along with files required for the
|
||||||
|
execution of the avocado_qemu tests (scripts/qemu.py and scripts/qmp/) will be
|
||||||
|
installed in a new location - /usr/lib64/qemu-kvm/tests-src/
|
||||||
|
|
||||||
|
avocado_qemu tests:
|
||||||
|
The avocado_qemu tests can be executed by running the following avocado command:
|
||||||
|
avocado run -p qemu_bin=/usr/libexec/qemu-kvm /usr/lib64/qemu-kvm/tests/acceptance/
|
||||||
|
Avocado needs to be installed separately using either pip or from source as
|
||||||
|
Avocado is not being packaged for RHEL-8.
|
||||||
|
|
||||||
|
qemu-iotests:
|
||||||
|
symlinks to corresponding binaries need to be created for QEMU_PROG,
|
||||||
|
QEMU_IO_PROG, QEMU_IMG_PROG, and QEMU_NBD_PROG before the iotests can be
|
||||||
|
executed.
|
||||||
|
|
||||||
|
The primary purpose of this package is to make these tests available to be
|
||||||
|
executed as gating tests for the virt module in the RHEL-8 OSCI environment.
|
|
@ -0,0 +1,6 @@
|
||||||
|
--- !Policy
|
||||||
|
product_versions:
|
||||||
|
- fedora-*
|
||||||
|
decision_context: bodhi_update_push_stable
|
||||||
|
rules:
|
||||||
|
- !PassingTestCaseRule {test_case_name: fedora-ci.koji-build.tier0.functional}
|
|
@ -0,0 +1,19 @@
|
||||||
|
# User changes in this file are preserved across upgrades.
|
||||||
|
#
|
||||||
|
# Setting "modprobe kvm nested=1" only enables Nested Virtualization until
|
||||||
|
# the next reboot or module reload. Uncomment the option below to enable
|
||||||
|
# the feature permanently.
|
||||||
|
#
|
||||||
|
#options kvm nested=1
|
||||||
|
#
|
||||||
|
#
|
||||||
|
# Setting "modprobe kvm hpage=1" only enables Huge Page Backing (1MB)
|
||||||
|
# support until the next reboot or module reload. Uncomment the option
|
||||||
|
# below to enable the feature permanently.
|
||||||
|
#
|
||||||
|
# Note: - Incompatible with "nested=1". Loading the module will fail.
|
||||||
|
# - Dirty page logging will be performed on a 1MB (not 4KB) basis,
|
||||||
|
# which can result in a lot of data having to be transferred during
|
||||||
|
# migration, and therefore taking very long to converge.
|
||||||
|
#
|
||||||
|
#options kvm hpage=1
|
|
@ -0,0 +1,12 @@
|
||||||
|
# Setting modprobe kvm_intel/kvm_amd nested = 1
|
||||||
|
# only enables Nested Virtualization until the next reboot or
|
||||||
|
# module reload. Uncomment the option applicable
|
||||||
|
# to your system below to enable the feature permanently.
|
||||||
|
#
|
||||||
|
# User changes in this file are preserved across upgrades.
|
||||||
|
#
|
||||||
|
# For Intel
|
||||||
|
#options kvm_intel nested=1
|
||||||
|
#
|
||||||
|
# For AMD
|
||||||
|
#options kvm_amd nested=1
|
|
@ -1,11 +0,0 @@
|
||||||
###
|
|
||||||
### This configuration file was provided by the qemu package.
|
|
||||||
### Feel free to update as needed.
|
|
||||||
###
|
|
||||||
|
|
||||||
###
|
|
||||||
### Set these options to enable nested virtualization
|
|
||||||
###
|
|
||||||
|
|
||||||
#options kvm_intel nested=1
|
|
||||||
#options kvm_amd nested=1
|
|
|
@ -0,0 +1,3 @@
|
||||||
|
#
|
||||||
|
# User changes in this file are preserved across upgrades.
|
||||||
|
#
|
|
@ -0,0 +1,8 @@
|
||||||
|
# toplevel plan boilerplate
|
||||||
|
summary: qemu tests
|
||||||
|
description:
|
||||||
|
Test qemu
|
||||||
|
discover:
|
||||||
|
how: fmf
|
||||||
|
execute:
|
||||||
|
how: tmt
|
10
qemu-kvm.sh
10
qemu-kvm.sh
|
@ -1,10 +0,0 @@
|
||||||
#!/bin/sh
|
|
||||||
|
|
||||||
# Libvirt introspects the binary using -M none. In that case, don't try
|
|
||||||
# to init KVM, which will fail and be noisy if the host has kvm disabled
|
|
||||||
opts="-machine accel=kvm"
|
|
||||||
if echo "$@" | grep -q " -M none "; then
|
|
||||||
opts=
|
|
||||||
fi
|
|
||||||
|
|
||||||
exec /usr/bin/qemu-system-x86_64 $opts "$@"
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
||||||
SHA512 (qemu-5.2.0-rc4.tar.xz) = 47e918392609c34f904962e5759125485407ae52c273053729054300e10fc67fc7ed443c9af25d1d852a5f5c70eee125c703ce15d0e571068848f405de33db3b
|
SHA512 (qemu-6.2.0.tar.xz) = e9f8231c9e1cfcc41cb47f10a55d63f6b8aee307af00cf6acf64acb7aa4f49fa7e9d6330703a2abea15d8b7bbaba7d3cb08c83edd98d82642367b527df730817
|
||||||
|
|
|
@ -0,0 +1,20 @@
|
||||||
|
# This is 'tmt' config format
|
||||||
|
# https://tmt.readthedocs.io/en/stable/spec.html
|
||||||
|
|
||||||
|
summary: Runtime test qemu
|
||||||
|
|
||||||
|
require:
|
||||||
|
- qemu
|
||||||
|
- qemu-sanity-check
|
||||||
|
|
||||||
|
/smoke:
|
||||||
|
# Make sure -help doesn't fail
|
||||||
|
test: |
|
||||||
|
set -eux
|
||||||
|
qemu-system-x86_64 -help
|
||||||
|
qemu-img -help
|
||||||
|
|
||||||
|
/qemu-sanity-check:
|
||||||
|
test: |
|
||||||
|
set -eux
|
||||||
|
qemu-sanity-check -v
|
|
@ -0,0 +1,3 @@
|
||||||
|
# Increase default vhost memory map limit to match
|
||||||
|
# KVM's memory slot limit
|
||||||
|
options vhost max_mem_regions=509
|
Loading…
Reference in New Issue